IIS application pool recycles on each page load.

Problem:
I had applied DISA STIG to an IIS application.  Once this was done all page loads required new sessions.  This wiped out any session memory since this gets wiped when a page reloaded.




Why:
Culprit was application pool settings Virtual Memory Limit. 

 

This setting prevents an application from consuming all available memory for IIS which then would

Cause IIS to shut down and force a restart bringing down all websites on that instance of IIS.

The virtual memory limit was designed to prevent this by setting a threshold.  Once that threshold

Is reached the app pool automatically recycles wiping memory and thus preventing any danger of

Lockout due to excessive memory usage. 

 

Explanation:

This setting is was valid in IIS 7 when 64 bit OS'es were not always the norm.  In IIS 8.5 we are on 64 bit OS and ASP.Net does memory management much better.  Further complications are that ASP.Net's memory management can get into a "fight" with IIS over who is doing memory management.   This will only occur if you set the Virtual memory limit to something besides 0 (default).  This is exactly was the IIS 7 STIG prescribes.   End result is that the application pool session is constantly being recycled.  This means that a long running FSA session can be terminated during the middle of an operation.  If this occurs more than 5 times in 5 minutes then the app pool is automatically locked.

Solution:

The Virtual memory limit on the FSA application pool has been set to its default value 0.  This means that ASP.Net will manage memory inside the application.

Source:
https://technet.microsoft.com/en-us/library/cc732519(v=ws.10).aspx
http://blog.walteralmeida.com/2011/07/iis7-private-memory-limit-versus-virtual-memory-limit.html